From 4dd17160ca6a8e331b3c6e8d33be6d8048937e32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Mon, 23 Oct 2023 16:50:49 +0200 Subject: [PATCH 1/8] Update Dockerfile - Maintaining consistency - Size and layer optimization --- Dockerfile | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index b42b4daa5fae9..28b127b0f4862 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,12 @@ ENV TAGS "bindata timetzdata $TAGS" ARG CGO_EXTRA_CFLAGS #Build deps -RUN apk --no-cache add build-base git nodejs npm +RUN apk --no-cache add \ + build-base \ + git \ + nodejs \ + npm \ + && rm -rf /var/cache/apk/* #Setup repo COPY . ${GOPATH}/src/code.gitea.io/gitea @@ -39,7 +44,8 @@ RUN apk --no-cache add \ s6 \ sqlite \ su-exec \ - gnupg + gnupg \ + && rm -rf /var/cache/apk/* RUN addgroup \ -S -g 1000 \ @@ -65,6 +71,11 @@ COPY docker/root / COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh -RUN chmod 755 /usr/bin/entrypoint /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini -RUN chmod 755 /etc/s6/gitea/* /etc/s6/openssh/* /etc/s6/.s6-svscan/* +RUN chmod 755 /usr/bin/entrypoint \ + /app/gitea/gitea \ + /usr/local/bin/gitea \ + /usr/local/bin/environment-to-ini \ + /etc/s6/gitea/* \ + /etc/s6/openssh/* \ + /etc/s6/.s6-svscan/* RUN chmod 644 /etc/profile.d/gitea_bash_autocomplete.sh From e818d8f9294b7d91b5f73f868b19287ad9562d36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Mon, 23 Oct 2023 16:55:44 +0200 Subject: [PATCH 2/8] Update Dockerfile --- Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 28b127b0f4862..eceea77e1faa9 100644 
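Review bot: The added `&& rm -rf /var/cache/apk/*` at the end of the build-deps `RUN` has nothing to remove, because `apk --no-cache add` already avoids the local package cache, so the extra command does not shrink the layer. I would keep the one-package-per-line split and end the list at `npm`, without the `rm` tail. The same tail is added after `gnupg` in the runtime-stage hunk of this patch and in both `apk` hunks of Dockerfile.rootless in patch 3/8. Since the list is being reflowed anyway, sorting the package names alphabetically would make later additions easier to review.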
--- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -#Build stage +# Build stage FROM docker.io/library/golang:1.21-alpine3.18 AS build-env ARG GOPROXY @@ -9,7 +9,7 @@ ARG TAGS="sqlite sqlite_unlock_notify" ENV TAGS "bindata timetzdata $TAGS" ARG CGO_EXTRA_CFLAGS -#Build deps +# Build deps RUN apk --no-cache add \ build-base \ git \ @@ -17,11 +17,11 @@ RUN apk --no-cache add \ npm \ && rm -rf /var/cache/apk/* -#Setup repo +# Setup repo COPY . ${GOPATH}/src/code.gitea.io/gitea WORKDIR ${GOPATH}/src/code.gitea.io/gitea -#Checkout version if set +# Checkout version if set RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ && make clean-all build @@ -64,14 +64,14 @@ ENV GITEA_CUSTOM /data/gitea VOLUME ["/data"] -ENTRYPOINT ["/usr/bin/entrypoint"] +ENTRYPOINT ["/usr/bin/entrypoint.sh"] CMD ["/bin/s6-svscan", "/etc/s6"] COPY docker/root / COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh -RUN chmod 755 /usr/bin/entrypoint \ +RUN chmod 755 /usr/bin/entrypoint.sh \ /app/gitea/gitea \ /usr/local/bin/gitea \ /usr/local/bin/environment-to-ini \ From a06804bf94dcb14a8dca7fb160054b85254cc395 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Mon, 23 Oct 2023 16:57:12 +0200 Subject: [PATCH 3/8] Update Dockerfile.rootless --- Dockerfile.rootless | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/Dockerfile.rootless b/Dockerfile.rootless index 449e630fadb4d..02f5f84175e75 100644 --- a/Dockerfile.rootless +++ b/Dockerfile.rootless @@ -1,4 +1,4 @@ -#Build stage +# Build stage FROM docker.io/library/golang:1.21-alpine3.18 AS build-env ARG GOPROXY 
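Review bot: `ENTRYPOINT ["/usr/bin/entrypoint.sh"]` and `chmod 755 /usr/bin/entrypoint.sh` in the last hunk point at a file this commit does not create. `COPY docker/root /` is unchanged here and the script is only renamed in patch 4/8, so at this commit the `chmod` step should fail the build. Changing the entrypoint path also affects anyone who wraps or overrides `/usr/bin/entrypoint` in a derived image or compose file. I would keep `/usr/bin/entrypoint` in this patch (patch 6/8 ends up restoring it), or fold the rename into the same commit so that every commit in the series builds.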
@@ -10,13 +10,18 @@ ENV TAGS "bindata timetzdata $TAGS" ARG CGO_EXTRA_CFLAGS #Build deps -RUN apk --no-cache add build-base git nodejs npm +RUN apk --no-cache add \ + build-base \ + git \ + nodejs \ + npm \ + && rm -rf /var/cache/apk/* -#Setup repo +# Setup repo COPY . ${GOPATH}/src/code.gitea.io/gitea WORKDIR ${GOPATH}/src/code.gitea.io/gitea -#Checkout version if set +# Checkout version if set RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ && make clean-all build @@ -35,7 +40,8 @@ RUN apk --no-cache add \ gettext \ git \ curl \ - gnupg + gnupg \ + && rm -rf /var/cache/apk/* RUN addgroup \ -S -g 1000 \ @@ -58,14 +64,14 @@ COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_au RUN chmod 755 /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-setup.sh /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini RUN chmod 644 /etc/profile.d/gitea_bash_autocomplete.sh -#git:git +# git:git USER 1000:1000 ENV GITEA_WORK_DIR /var/lib/gitea ENV GITEA_CUSTOM /var/lib/gitea/custom ENV GITEA_TEMP /tmp/gitea ENV TMPDIR /tmp/gitea -#TODO add to docs the ability to define the ini to load (useful to test and revert a config) +# TODO add to docs the ability to define the ini to load (useful to test and revert a config) ENV GITEA_APP_INI /etc/gitea/app.ini ENV HOME "/var/lib/gitea/git" VOLUME ["/var/lib/gitea", "/etc/gitea"] From c63891c93198fe0fc882a5e544bbd1e44d5bc599 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Mon, 23 Oct 2023 17:17:56 +0200 Subject: [PATCH 4/8] Update and rename entrypoint to entrypoint.sh --- docker/root/usr/bin/{entrypoint => entrypoint.sh} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename docker/root/usr/bin/{entrypoint => entrypoint.sh} (94%) 
diff --git a/docker/root/usr/bin/entrypoint b/docker/root/usr/bin/entrypoint.sh similarity index 94% rename from docker/root/usr/bin/entrypoint rename to docker/root/usr/bin/entrypoint.sh index 0acfec4dbe4be..d9dbb3ebe0b3d 100755 --- a/docker/root/usr/bin/entrypoint +++ b/docker/root/usr/bin/entrypoint.sh @@ -7,7 +7,7 @@ if [ ! -x /bin/sh ]; then fi if [ "${USER}" != "git" ]; then - # rename user + # Rename user sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd fi @@ -19,13 +19,13 @@ if [ -z "${USER_UID}" ]; then USER_UID="`id -u ${USER}`" fi -## Change GID for USER? +# Change GID for USER? if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group sed -i -e "s/^${USER}:\([^:]*\):\([0-9]*\):[0-9]*/${USER}:\1:\2:${USER_GID}/" /etc/passwd fi -## Change UID for USER? +# Change UID for USER? if [ -n "${USER_UID}" ] && [ "${USER_UID}" != "`id -u ${USER}`" ]; then sed -i -e "s/^${USER}:\([^:]*\):[0-9]*:\([0-9]*\)/${USER}:\1:${USER_UID}:\2/" /etc/passwd fi From d039952d97391904d75c71ba925184adbed482aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Wed, 25 Oct 2023 20:30:11 +0200 Subject: [PATCH 5/8] Rename entrypoint.sh to entrypoint --- docker/root/usr/bin/{entrypoint.sh => entrypoint} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docker/root/usr/bin/{entrypoint.sh => entrypoint} (100%) diff --git a/docker/root/usr/bin/entrypoint.sh b/docker/root/usr/bin/entrypoint similarity index 100% rename from docker/root/usr/bin/entrypoint.sh rename to docker/root/usr/bin/entrypoint From 16697d4a5130ecf5f1ab5c7a4ab4d911e6b85953 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Wed, 25 Oct 2023 22:02:12 +0200 Subject: [PATCH 6/8] Update Dockerfile --- Dockerfile | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index eceea77e1faa9..606d10ab47174 100644 
--- a/Dockerfile +++ b/Dockerfile @@ -28,6 +28,20 @@ RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ # Begin env-to-ini build RUN go build contrib/environment-to-ini/environment-to-ini.go +# Copy local files +COPY docker/root /tmp/local + +# Set permissions +RUN chmod 755 /tmp/local/usr/bin/entrypoint \ + /tmp/local/usr/local/bin/gitea \ + /tmp/local/etc/s6/gitea/* \ + /tmp/local/etc/s6/openssh/* \ + /tmp/local/etc/s6/.s6-svscan/* \ + /go/src/code.gitea.io/gitea/gitea \ + /go/src/code.gitea.io/gitea/environment-to-ini + +RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete + FROM docker.io/library/alpine:3.18 LABEL maintainer="maintainers@gitea.io" @@ -64,18 +78,10 @@ ENV GITEA_CUSTOM /data/gitea VOLUME ["/data"] -ENTRYPOINT ["/usr/bin/entrypoint.sh"] +ENTRYPOINT ["/usr/bin/entrypoint"] CMD ["/bin/s6-svscan", "/etc/s6"] -COPY docker/root / +COPY --from=build-env /tmp/local / COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh -RUN chmod 755 /usr/bin/entrypoint.sh \ - /app/gitea/gitea \ - /usr/local/bin/gitea \ - /usr/local/bin/environment-to-ini \ - /etc/s6/gitea/* \ - /etc/s6/openssh/* \ - /etc/s6/.s6-svscan/* -RUN chmod 644 /etc/profile.d/gitea_bash_autocomplete.sh From bd95b0e25fb6aca24ddddfca015f2a070de5e25e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Wed, 25 Oct 2023 22:11:11 +0200 Subject: [PATCH 7/8] Update Dockerfile --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 606d10ab47174..5fe8df91268b8 100644 --- a/Dockerfile +++ b/Dockerfile 
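Review bot: Only the paths named in the new `chmod 755` get a known mode. Everything else under `/tmp/local`, directories included, keeps the mode bits it had in the build context and is then copied onto `/` by `COPY --from=build-env /tmp/local /`. If the image is built from a checkout made with a permissive umask, group-writable files could end up under `/etc/s6` and `/usr/bin`, so a `chmod -R go-w /tmp/local` ahead of the targeted `chmod 755` would make the result independent of the builder's umask. The `# Set permissions` comment could also say why this happens in the build stage, for example `# Set permissions here so the runtime stage needs no extra chmod layer`. The Dockerfile.rootless hunk in patch 8/8 has the same shape.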
@@ -39,7 +39,6 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \ /tmp/local/etc/s6/.s6-svscan/* \ /go/src/code.gitea.io/gitea/gitea \ /go/src/code.gitea.io/gitea/environment-to-ini - RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete FROM docker.io/library/alpine:3.18 From 9498b76c002ca1019800a95576d45c04f0b7c0b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Krawaczy=C5=84ski?= Date: Wed, 25 Oct 2023 22:44:30 +0200 Subject: [PATCH 8/8] Update Dockerfile.rootless --- Dockerfile.rootless | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/Dockerfile.rootless b/Dockerfile.rootless index 02f5f84175e75..5ea4d2fc75190 100644 --- a/Dockerfile.rootless +++ b/Dockerfile.rootless @@ -28,6 +28,17 @@ RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ # Begin env-to-ini build RUN go build contrib/environment-to-ini/environment-to-ini.go +# Copy local files +COPY docker/rootless /tmp/local + +# Set permissions +RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \ + /tmp/local/usr/local/bin/docker-setup.sh \ + /tmp/local/usr/local/bin/gitea \ + /go/src/code.gitea.io/gitea/gitea \ + /go/src/code.gitea.io/gitea/environment-to-ini +RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete + FROM docker.io/library/alpine:3.18 LABEL maintainer="maintainers@gitea.io" 
@@ -57,12 +68,10 @@ RUN addgroup \ RUN mkdir -p /var/lib/gitea /etc/gitea RUN chown git:git /var/lib/gitea /etc/gitea -COPY docker/rootless / +COPY --from=build-env /tmp/local / COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh -RUN chmod 755 /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-setup.sh /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini -RUN chmod 644 /etc/profile.d/gitea_bash_autocomplete.sh # git:git USER 1000:1000 @@ -79,4 +88,3 @@ WORKDIR /var/lib/gitea ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] CMD [] -
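Review bot: The new `COPY --from=build-env /tmp/local /` brings in the entrypoint and setup scripts without `--chown=root:root`, unlike the two `COPY --from=build-env --chown=root:root` lines directly below it. This image runs as `USER 1000:1000`, so those scripts should stay root-owned and not writable by the service user. A copy from another stage may carry over the source ownership, which is presumably root in `build-env` but is not stated in the file. I would write `COPY --from=build-env --chown=root:root /tmp/local /` so that ownership no longer depends on how the build stage runs.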